Last week, a number of people hailed the further declassification of DOJ Inspector General’s Report on FBI’s use of Exigent Letters.
That enthusiasm is misplaced, however. What too few people noticed is the thankless work Charlie Savage did to identify what was newly declassified. He had FOIAed the IG Report, which is what set off the declassification review.
In fact, FBI redacted three things that had previously been visible. On page 55/PDF 68, it redacted the title, “Diagram 2.1: Calling Circle or “Community of Interest.” On page 105/PDF 118 they redacted language indicating they use a certain kind of “language” to order what are probably also communities of interest. Finally, on page 207/PDF 220, FBI newly redacted the title, “Chart 4.3 Records for 10 Telephone Numbers Uploaded to FBI Databases With the Longest Periods of Overcollection.”
So the NYT sued the FBI to declassify language that should be declassified, given everything we’ve learned about related programs subsequent to the Snowden leaks, and FBI responded by trying to pretend we don’t know they were getting (and still get, per DOJ IG’s most recently report) call chains from telecoms.
To be fair, FBI did declassify some new stuff. That includes:
About the most interesting declassification was a citation to a Carrie Johnson story, published well over a year before the IG Report came out, describing the collection on those 3 journalists. The IG Report invoked this language in the story…
Mueller called the top editors at The Washington Post and the New York Times to express regret that agents had not followed proper procedures when they sought telephone records under a process that allowed them to bypass grand jury review in emergency cases.
… as evidence to support a footnote, which (except for the reference to Johnson’s article) had been unclassified, explaining,
In addition to the letter, Director Mueller called the editors of the two newspapers to express regret that the FBI agents had not followed proper procedures when they sought the reporters’ telephone records.
That is, they had classified reference to a published news article as S/NF! (Though I suppose it is possible that the fact they were hiding is that Glenn Fine had to read the WaPo to figure out what happened here, because Mueller wasn’t speaking directly to him.)
Congratulations to Carrie Johnson who I guess now classifies as a state secret!
I asked the Savage (and through him, NYT’s lawyer, David McCraw) how the NYT felt about FBI classifying, rather than declassifying language in response to his suit, and he suggested NYT expects DOJ to pay them for their time. “We have incurred no outside counsel fees and anticipate that the government will be required to pay us for the time spent by in-house counsel.”
Still, I think Savage (and FOIA requesters generally) should get finder’s fees every time the government newly classifies stuff years later … impose some kind of fine for stupid overclassification.
Update: Corrected timing on Johnson story which came out in August 2008, so 17 months before the IG Report.
“They were pretty much obliterated,” said one Capitol Hill staffer who attended the exercise. “The active-duty team didn’t even know how they’d been attacked.”
Nevertheless, here is one of the things he told Ken Dilanian in his second “exclusive” interview attempting to explain why he should get rich in the private sector capitalizing on 9 years of fear-mongering about cyber.
“If I retired from the Army as a brain surgeon, wouldn’t it be OK for me to go into private practice and make money doing brain surgery?” he asked. “I’m a cyber guy. Can’t I go to work and do cyber stuff?”
Alexander’s story has changed a bit since his last attempt to explain himself, to Shane Harris. The number of patents he’ll get expanded from 9 to 10.
His firm is developing as many as 10 patents, he said, and has secured contracts with three clients he declines to name.
And he claims — after apparently not challenging the underlying $1 million a month claim to Harris — that his rates were always overblown.
Reports of his firm charging $1 million a month for consulting services are not accurate, he said, though he declined to disclose his firm’s fees.
“That number was inflated from the beginning,” he said.
But that’s not the best bit. In addition to revolving door shadow regulator Promontory Financial Group (which goes unmentioned in both stories) and the Chertoff Group, Dilanian reveals who gave Alexander the advise he could get rich off serving the last 9 years in a top national security position: Someone who spent those same years in a top national security position.
Lawyers at NSA and his private lawyers— including former FBI Director Robert Mueller, now with the Wilmer Hale law firm in Washington — have told him he is on firm legal footing, Alexander said.
These exclusives are all well and nice, but both of them ignore the reports about Alexander serving as the lead to set up a public-private partnership between the banksters and the national security state to infringe our privacy in order to keep the banks safe (heck neither mentions his known contract with SIFMA).
Until exclusives actually ask Alexander about the known thrust of this program, they’re going to help his credibility no more than the exclusives with the same journalists explaining NSA spying did.
For another purpose, I’m reviewing Robert Mueller’s declaration in support of the government’s report to the FISA Court in 2009, attempting to get full phone dragnet privileges turned back on. (starting on PDF 91)
As part of it, Mueller provides narratives about 4 FBI investigations that became full investigations as a result of phone dragnet data.
One of those (the first, starting on PDF 102) is Basaaly Moalin. As I’ve already noted, that involved the connection of at least one and almost certainly two T-Mobile cell phone users to a phone used by Somali warlord Aden Ayro.
While the declaration’s redaction on this point is inconsistent, it does confirm cell phones were involved in the chain between Ayro and Moalin (and may suggest Moalin was identified on a 3rd degree connection, not 2nd as court documents had seemed to imply).
But the description of another case, ultimately involving a selector who got killed off, involved another cell phone.
Of course, in this case, the newly identified cell phone could be an AT&T cell, and there seems to be no claim that those aren’t collected under the phone dragnet.
Altogether, unredacted sections of Mueller’s narrative mention cell phones 6 times, and a number of the redactions appear likely to hide others. A number of those, mind you, are probably foreign cells, which were likely collected under EO 12333. But given that 12333 data was mixed with (and, indeed, indistinguishable from to the NSA at that point) Section 215 data, claims the database couldn’t accept cell data seem clearly wrong.
Still, given all the credulous claims that the phone dragnet has not been collecting cell data, it seems rather relevant that FBI’s own discussions of the phone dragnet successes involve so many cell phones.
I’m at a great conference on national security and civil liberties. Unfortunately, speakers have repeatedly claimed that NSA fully informs Congress on its programs.
Even setting aside Dianne Feinstein’s admission that the intelligence committees exercise less oversight over programs conducted under EO 12333, there are a number of public documents that show the Executive failing to fully inform Congress:
April 27, 2005: Alberto Gonzales and Robert Mueller brief SSCI on PATRIOT Authorities in advance of reauthorization. They make no mention of the use of PR/TT to gather Internet metadata, much less the violations of Colleen Kollar-Kotelly limits on the kind of data collected during the first period of its use.
October 21, 2009: A Michael Leiter and NSA Associate Deputy Director briefing to the House Intelligence Committee pointed to the September 3, 2009 phone dragnet reauthorization as proof that NSA had regained FISC’s confidence, without mentioning further violations on September 21 and 23 — violations that NSA did not inform FISC about.
August 16, 2010: DOJ did not provide the Intelligence and Judiciary Committees with some of the pre-July 10, 2008 FISC rulings providing significant constructions of FISA pertaining to — at a minimum — Section 215 until after the first PATRIOT Reauthorization.
February 2, 2011: House Intelligence Chair Mike Rogers did not invite members of Congress to read the 2011 notice about the phone and Internet dragnets. Approximately 86 freshmen members — 65 of whom voted to reauthorize the PATRIOT Act, a sufficient number to tip the vote — had no opportunity to read that notice.
May 13, 2011: In a briefing by Robert Mueller and Valerie Caproni designed to substitute for the Executive’s notice to Congressmen about the phone and Internet dragnets, the following exchange took place.
Comment — Russ Feingold said that Section 215 authorities have been abused. How does the FBI respond to that accusation?
A — To the FBI’s knowledge, those authorities have not been abused.
While the balance of the briefing remains redacted, this seems to suggest the FBI did not brief House Republicans about the dragnet violations.
September 1, 2011: NSA did not provide notice to the House Judiciary Committee about its testing of geolocation data under Section 215 until after the reauthorization of PATRIOT Act, in spite of the fact that it had been conducting such tests throughout the 2010 and 2011 debates on the PATRIOT Act.
Update: The change went into effect on July 1, 2013, so before Comey’s coronation.
I’ve been tracking the FBI’s embrace of its national security/intelligence role (with a consequent inattention to bank crimes, in particular) for years – notably with this post on its self-congratulation a decade after 9/11. (See also this post, this post, and this one.)
So regular readers will be unsurprised by Foreign Policy’s report that the FBI’s boilerplate fact sheet now hails its primary function to be national security.
But quietly and without notice, the agency has finally decided to make it official in one of its organizational fact sheets. Instead of declaring “law enforcement” as its “primary function,” as it has for years, the FBI fact sheet now lists “national security” as its chief mission. The changes largely reflect the FBI reforms put in place after September 11, 2001, which some have criticized for de-prioritizing law enforcement activities. Regardless, with the 9/11 attacks more than a decade in the past, the timing of the edits is baffling some FBI-watchers.
But I am a bit interested in the question FP goes onto ask: when did this happen. It appears to have happened during the summer.
“What happened in the last year that changed?” asked Kel McClanahan, a Washington-based national security lawyer.
McClanahan noticed the change last month while reviewing a Freedom of Information Act (FOIA) request from the agency. The FBI fact sheet accompanies every FOIA response and highlights a variety of facts about the agency. After noticing the change, McClanahan reviewed his records and saw that the revised fact sheets began going out this summer. “I think they’re trying to rebrand,” he said. “So many good things happen to your agency when you tie it to national security.”
What FP doesn’t answer is why this happened.
But one possibility is the arrival of Jim Comey.
Comey didn’t take over as FBI DIrector until September 4, 2013. But his confirmation hearing (more of a coronation, really) was on July 9; his confirmation vote was on July 29. So he had plenty of time to complete the FBI’s rebranding as a domestic spy agency rather than its premier domestic law enforcement agency before he officially took over.
I checked his
confirmation hearing coronation, to see if he announced this rebranding. I’ve been unable to find a formal statement (!!). And while later in the hearing he talked about balancing the intelligence side with the law enforcement side (the FBI itself emphasized this part of the hearing), what apparently extemporaneous statement he did give focused on the FBI’s transition under Robert Mueller to an intelligence agency. (This is my transcription of the non-family part, which took up half of the statement; it starts around 42:30.)
If I’m confirmed for this position I will follow a great American, one who has been clear-eyed about the threat facing our country, especially the metastasizing terrorist threat, the cyber-threat, that poses a risk to our secrets, to our commerce, to our people, and most ominously, to the networks we depend upon as our lifeblood. I know he has changed the FBI, as the Chairman and the Ranking Member described, in fundamental and crucial ways. I know that this will be a hard job. I’m sure that things will go wrong and I will make mistakes. What I pledge to you though is to follow Bob Mueller’s example of staring hard at those mistakes, learning from those mistakes, and getting better as a result of those mistakes. His legacy of candor and straight-forwardness and integrity is one that I pledge to continue. I also know that the FBI is and must be an independent entity in the life of America. It cannot be associated with any party or any interest or any group. It has to be seen as the good guys and good gals in this country. The FBI is and must be about finding the facts and only the facts in a fair, thorough, and objective way, and to do that with a rock-solid commitment to our Constitution and to our laws. That culture of commitment to law and resistance to any jeopardy of independence is at the core of the FBI. I know it is deep inside FBI Agents. Those values are the things that I love about the FBI.
It wouldn’t be surprising that a guy with roots in NY who was prosecuting terrorism even before 9/11 would adopt this focus. Nor do I, thus far, have reason to believe he won’t be better at going after banksters than Mueller was (and Obama has finally shifted some focus to it).
But I do hope — given his appeal to independence — he realizes that making the FBI a domestic intelligence agency does make the FBI a partisan institution, because it de-emphasizes a threat every bit as serious as terrorists and cybercriminals: the banksters.
At yesterday’s Senate Judiciary Committee hearing on the dragnet, the government’s numbers supporting the value of the dragnet got even worse. At one point, Pat Leahy asserted that the phone dragnet had only been useful in one case (in the last hearing, there had been a debate over whether it had been critical in one or two cases).
Leahy (after 1:09:40): We’ve already established that Section 215 was uniquely valuable in just one terrorism case, not the 54 that have been talked about before.
In a follow up some minutes later, Keith Alexander laid out numbers that explain how the Administration had presented that 1 case as 12 in previous claims.
Alexander (at 1:21:30): As you correctly stated, there was one unique case under 215 where the metadata helped. There were 7 others where it contributed. And 4 where it didn’t find anything of value, and we were able to tell the FBI that.
That is, to publicly claim that the phone dragnet has been useful in 12 cases, the Administration included 7 cases where — as with the Najibullah Zazi case — it proved to be a tool that provided non-critical information available by other means, and 4 cases where it was useful only because it didn’t show any results.
To fluff their numbers, the Administration has been counting cases where the phone dragnet didn’t show results as showing results of no results.
With sketchy numbers like that, it’s high time for a closer examination of the details — and the timing — of the Basaaly Moalin prosecution, the only case (Alexander now agrees) where the phone dragnet has been critical.
As a reminder, Moalin was first identified via the dragnet — probably on a second hop away from Somali warlord Aden Ayro – in October 2007. They used that and probably whatever tip they used to investigate him in 2003 to get a FISA warrant by December 20, 2007. Only 2 months later, February 26, 2008, was al-Shabaab listed as a foreign terrorist organization. Ayro was killed on May 1, 2008, though the government kept the tap on Moalin through December 2008, during which period they collected evidence of Moalin donating money (maybe 3 times as much as he gave to al-Shabaab-related people) to a range of people who had nothing to do with al-Shabaab. A CIPA stipulation presented at the trial revealed that during this period after the inculpatory conversations, Moalin’s tribe and Shabaab split and Moalin’s collections supported other entities in Somalia.
1. Money collected for the Ayr sub-clan was given to individuals including Abukar Suyare (Abukar Mohamed) and Fare Yare, who were associated with the Ilays charity.
2. Money collected by the men in Guracewl on behalf of the Ayr sub-clan was given to a group that was not as-Shabaab. [sic]
3. There was a dispute between al-Shabaab, the Ayr clan and Ilays over the administration pf [sic] of Galgaduud regions.
4. Members of the Ilays charity and the Ayr sub-clan, including Abukar Suryare, were opposed to the al-Shabaab and were Ayrow’s enemies.
On April 8, 2009, FBI would search the hawala used to send money based entirely on Moalin’s case. Yet on April 23, 2009, according to a document referenced but not provided to Moalin’s defense, the FBI concluded that Moalin not only no longer expressed support for al-Shabaab, but that he had only ever supported it because of tribal loyalties, not support for terrorism.
The San Diego FIG assesses that Moalin, who belongs to the Hawiye tribe/Habr Gedir clan/Ayr subclan, is the most significant al-Shabaab fundraiser in the San Diego Area of Operations (AOR). Although Moalin has previously expressed support for al-Shabaab, he is likely more attentive to Ayr subclan issues and is not ideologically driven to support al-Shabaab. The San Deigo FIG assesses that Moalin likely supported now deceased senior al-Shabaab leader Aden Hashi Ayrow due to Ayrow’s tribal affiliation with the Hawiye tribe/Habr Gedir clan/Ayr subclan rather than his position in al-Shabaab. Moalin has also worked diligently to support Ayr issues to promote his own status with Habr Gedir elders. The San Diego FIG assesses, based on reporting that Moalin has provided direction regarding financial accounts to be used when transferring funds overseas that he also serves as a controller for the US-based al-Shabaab fundraising network.
The intercepts on which the prosecution was based support this. They show that Moalin’s conversations with Ayro and others focused on fighting the (American-backed) Ethiopian invaders of his region, not anything outside of Somalia.
The CBC has a Snowden-based story about how the NSA helped Canada’s Communications Security Establishment Canada in advance of and during the G20 held in Toronto in 2010. That isn’t all that surprising. As the story notes, it’s consistent with other stories of NSA spying surrounding international diplomatic meetings.
But the story does note that the Snowden documents make it clear there was no specific al Qaeda threat. Instead, the “threat” to the meeting came from “issue-based extremists.”
Much of the secret G20 document is devoted to security details at the summit, although it notes: “The intelligence community assesses there is no specific, credible information that al-Qa’ida or other Islamic extremists are targeting” the event.
No matter. The NSA warns the more likely security threat would come from “issue-based extremists” conducting acts of vandalism.
The comment reminds me of a paragraph in testimony Alberto Gonzales and Robert Mueller gave to the Senate Intelligence Committee in 2005, in advance of the first PATRIOT Act reauthorization. The testimony is notable for Gonzales and Mueller’s silence about the use of Pen Registers to collect a significant chunk of all the Internet-based metadata in the US (NSA had already been caught collecting “metadata” that was really “content” by then), even while he emphasized the “relevant to” language that had been added to Pen Registers in 2001.
Sensibly, Section 214 of the USA PATRIOT Act simplified the standard that the government must meet in order to obtain pen/trap data in national security cases. Now, in order to obtain a national security pen/trap order, the applicant must certify “that the information likely to be obtained is foreign intelligence information not concerning a United States person, or is relevant to an investigation to protect against international terrorism or clandestine intelligence activities.” Importantly, the law requires that such an investigation of a United States person may not be conducted solely upon the basis of activities protected by the First Amendment to the Constitution.
Section 214 should not be permitted to expire and return us to the days when it was more difficult to obtain pen/trap authority in important national security cases than in normal criminal cases. This is especially true when the law already includes provisions that adequately protect the civil liberties of Americans. I urge you to reauthorize section 214.
Over the course of the reauthorization process, of course, Congress added that “relevance” language to Section 215, which served as the basis for the phone dragnet of all American’s phone calls.
But the paragraph of the Gonzales/Mueller testimony that stuck out at me described how PATRIOT Section 203 — which permitted the sharing of Grand Jury, wiretap, and other criminal investigation information with intelligence professionals — had authorized information sharing at similar high profile meetings. After 8 bullet point examples showing how this information sharing had supported terrorism (or Iraqi) investigations, the testimony then revealed it had been used to authorize information sharing during 2004′s G-8 and Presidential Conventions.
In addition, last year, during a series of high-profile events — the G-8 Summit in Georgia, the Democratic Convention in Boston and the Republican Convention in New York, the November 2004 presidential election and other events — a task force used the information sharing provisions under Section 203(d) as part and parcel of performing its critical duties. The 2004 Threat Task Force was a successful inter-agency effort where there was a robust sharing of information at all levels of government.
Now perhaps these big meetings faced an Al Qaeda threat in 2004 that the G-20 didn’t face in 2010. But I’m cognizant that PATRIOT defines “foreign intelligence information” to include “sabotage,” which might be used to treat legitimate “issue-based extremists” as terrorists.
We already know that anti-war protestors (the kind of “single-issue extremists” who protested in big numbers in 2004) were investigated as terrorists as early as 2002, though DOJ professed to be unable to connect all the investigations together. Indeed, precisely that kind of “criminal” investigation started in local FBI offices is the kind of information that might be shared under PATRIOT 203(d) with a Task Force facing protestors.
We don’t know, from this one paragraph, what kind of information the government shared in 2004 in the name of “foreign intelligence.” But the 2010 Canadian example suggests the government is still (or was, as recently as 2010) treating legitimate protestors as outside infiltrators. Which makes it likely that the US did the same back during the height of anti-Iraq War protests.
They’re using the wrong agency and the wrong minimization procedures.
Section 215 reads, in part:
[T]he Director of the Federal Bureau of Investigation or a designee of the Director (whose rank shall be no lower than Assistant Special Agent in Charge) may make an application for an order requiring the production of any tangible things [my emphasis]
Here’s who signed the application that kicked off the phone dragnet program:
This is probably the lesser of these two problems. After all, the law permits the FBI Director to delegate this, and delegating the application to your boss is probably perfectly fine. Though it is a bit of a conflict if the boss in question was, in part, trying to legalize a program that had operated under his purview when he worked at the White House.
The problem becomes bigger still given that there’s no explanation of how it is that an NSA declaration serves as backup for an application to obtain data for the NSA, the use of which is limited to FBI. At least in what we get (which, remember, is what got produced to Congress, not what got submitted to the Court), there’s no discussion of that process.
The other problem is a bit more complicated. As I described last week, the 2006 Reauthorization of the PATRIOT Act included a new requirement that the Attorney General develop minimization procedures for Section 215.
(1) IN GENERAL- Not later than 180 days after the date of the enactment of the USA PATRIOT Improvement and Reauthorization Act of 2005, the Attorney General shall adopt specific minimization procedures governing the retention and dissemination by the Federal Bureau of Investigation of any tangible things, or information therein, received by the Federal Bureau of Investigation in response to an order under this title.
(2) DEFINED- In this section, the term `minimization procedures’ means–
(A) specific procedures that are reasonably designed in light of the purpose and technique of an order for the production of tangible things, to minimize the retention, and prohibit the dissemination, of nonpublicly available information concerning unconsenting United States persons consistent with the need of the United States to obtain, produce, and disseminate foreign intelligence information;
(B) procedures that require that nonpublicly available information, which is not foreign intelligence information, as defined in section 101(e)(1), shall not be disseminated in a manner that identifies any United States person, without such person’s consent, unless such person’s identity is necessary to understand foreign intelligence information or assess its importance;
This post describes how DOJ basically blew off that requirement and — at least according to former DOJ Inspector General Glenn Fine — instead used existing procedures that didn’t meet the terms of the law.
Given that this application passed just 2 months after the Reauthorization, this dragnet application was probably one of the earliest Section 215 applications submitted after the Reauthorization so there might have been a discussion about this new requirement anyway. But in this case, the new requirement should have posed an additional problem. The data went not to FBI, but immediately to NSA, an enormous database of non-publicly available of information pertaining to US persons, handed off without a hint of minimization first.
Here’s how the application dealt with minimization procedures.
NSA will apply the existing (Attorney General approved) guidelines in United States Signals Intelligence Directive 18 (1993) … to minimize the information reported concerning U.S. persons.
USSID 18 is supposed to be less restrictive than FBI minimization procedures (though FBI data gets shared freely with other agencies).
There’s not only no discussion in this application of how USSID 18 meets the terms of the law, but there’s no discussion of what it means that NSA basically got unminimized data for which FBI is, by law, the proper recipient, which should be the most voluminous minimization violation ever.
And yet … the application doesn’t even acknowledge this problem at all.
But to give those two background, I want to look at a passage in the Internet dragnet opinion, in which Colleen Kollar-Kotelly describes a fascinating briefing that she received in advance of authoring what Orin Kerr describes as a “quite strange” opinion.
After describing some declarations she received (including one from a person whose title remains redacted) and some questions she posed, she describes this briefing.
The Court also relies on information and arguments presented in a briefing to the Court on [redacted] which addressed the current and near-term threats posed by [redacted reference to Al Qaeda and others], investigations conducted by the Federal Bureau of investigation (FBI) to counter those threats, the proposed collection activities of the NSA (now described in the instant application), the expected analytical value of information so collected in efforts to identify and track operatives [redacted] and the legal bases for conducting these collection activities under FISA’s pen register/trap and trace provisions. 4
4 This briefing was attended by (among others) the Attorney General; [redacted] the DIRNSA; the Director of the FBI; the Counsel to the President; the Assistant Attorney General for the Office of Legal Counsel; the Director of the Terrorist Threat Integration Center (TTIC); and Counsel for Intelligence Policy.
That is, right at the beginning of her opinion, Kollar-Kotelly tells us that she had a briefing with:
On page 30, Kollar-Kotelly seems to refer to the same redacted person again, which in the context of the reference to CIA v. Sims in that footnote, seems to suggest this is a reference to CIA Director George Tenet, which suggests the redacted author of the brief she relied on was authored by Tenet. (I leave open the more tantalizing possibility that it’s someone like Dick Cheney, but highly doubt it.)
So before she approved the use of FISA’s Pen Register to collect much of the Internet metadata in the US, she had a meeting with at least one of the villains — Alberto Gonzales — of the hospital confrontation at which DOJ refused to reauthorize the Internet metadata program that was part of the President’s illegal wiretap program, and at least three of its “heroes:” Ashcroft, Mueller, and Goldsmith.
Interestingly, this meeting does not appear — at least not described as such — in the Draft NSA IG Report description of the transition to a FISC order.
After extensive coordination, DoJ and NSA devised the PRITT theory to which the Chief Judge of the FISC seemed amenable. DoJ and NSA worked closely over the following months, exchanging drafts of the application, preparing declarations, and responding to questions from court advisers. NSA representatives explained the capabilities that were needed to recreate the Authority, and DoJ personnel devised a workable legal basis to meet those needs. In April 2004, NSA briefed Judge Kollar-Kotelly and a law clerk because Judge Kollar-Kotelly was researching the impact of using PSP-derived information in FISA applications. In May 2004, NSA personnel provided a technical briefmg on NSA collection of bulk Internet metadata to Judge Kollar-Kotelly. In addition, General Hayden said he met with Judge Kollar-Kotelly on two successive Saturdays during the summer of 2004 to discuss the on-going efforts.
Was this “briefing” one of the Saturday meetings Hayden had with FISC’s Presiding Judge?
More broadly, it is important to consider the context in which the FISA Court initially approved the bulk collection. Unverified media reports (discussed above) state that bulk telephony metadata collection was occurring before May 2006; even if that is not the case, perhaps such collection could have occurred at that time based on voluntary cooperation from the telecommunications providers. If so, the practical question before the FISC in 2006 was not whether the collection should occur, but whether it should occur under judicial standards and supervision, or unilaterally under the authority of the Executive Branch.
The briefings and other historical evidence raise the question whether Congress’s repeated reauthorization of the tangible things provision effectively incorporates the FISC’s interpretation of the law, at least as to the authorized scope of collection, such that even if it had been erroneous when first issued, it is now—by definition—correct. [my emphasis]
The Internet dragnet was illegal. At least 3 of the people who conveyed the importance of authorizing this program had said so — in very dramatic fashion — less than four months before she would do so.
And yet she wrote a memo saying it was legal.
Update, 8/12/14: This application confirms that George Tenet was the redacted declaration submitter.
For 4 years, it has been clear that DOJ Inspector General Glenn Fine used his 2008 report on the FBI’s use of Section 215 to address how it had been used for what was then a secret program. For that reason, I want to look more closely at what he had to say about minimization.
Glenn Fine reveals how FBI minimization procedures are self-referential nonsense
As I noted, as part of a congressionally-mandated review completed in March 2008, DOJ’s Inspector General Glenn Fine reviewed whether DOJ had complied with PATRIOT Reauthorization’s requirement that the Attorney General craft minimization procedures to use with Section 215 collection.
He described how, in advance of a September 5, 2006 deadline, two parts of DOJ squabbled over what the minimization procedures should be.
Several months after enactment of the Reauthorization Act, the Office of Intelligence Policy and Review (OIPR) and the FBI — both of whom had been developing minimization procedures related to Section 215 orders — exchanged draft procedures. The drafts differed in fundamental respects, ranging from definitions to the scope of the procedures.
The fight seems to have been significantly fought between OIPR’s Counsel James Baker (who had a record of trying to get DOJ to follow the law) and FBI’s General Counsel Valerie Caproni (who got confirmed as a Federal Judge for NY this year literally at the same moment the Administration started releasing the most damning details on the dragnet).
Unresolved issues included the time period for retention of information, definitional issues of “U.S. person identifying information,” and whether to include procedures for addressing material received in response to, but beyond the scope of, the FISA Court order; uploading information into FBI databases; and handling large or sensitive data collections.
A couple of months would put this debate squarely in the time period when the first dragnet order would be signed (two months would be May 9; the first order was signed May 24).
And you can see how these issues would go squarely to the heart of whether or not the government could use Section 215 to authorize the dragnet. The dragnet introduces immediate retention issues, given that it authorizes collection on data not yet in existence; imagine if OIPR mandated an immediate search, with all non-responsive numbers to be destroyed. NSA itself treated phone numbers as “identifiers,” and yet this entire program fails to meet the most basic dissemination limits if you treat them as identifiers here. We know NSA had recurrent problem with receiving data that was beyond the scope, including credit card numbers and international data. Unloading this into the FBI database presents immense problems, given that the foreign intelligence value of a query is based on a algorithm, not more concrete evidence. And of course, Fine’s mention of the debate over “handling large or sensitive data collections” must implicate the dragnet, which is the quintessential large and sensitive data collection.
Almost the entirety of the detailed discussion of these issues is redacted.